1. Field of the Invention
The present invention relates to distributed computer systems. More specifically, the present invention relates to a method and apparatus for securely deploying and managing applications in a distributed-computing infrastructure.
2. Related Art
Distributed computing is widely expected to reduce costs and increase efficiencies by revolutionizing the way in which enterprises use and manage resources in their IT (Information Technology) infrastructure. A distributed-computing environment (or infrastructure), such as a grid-computing infrastructure, usually treats resources as virtualized services, thereby optimizing resource utilization.
Enterprises usually centralize security and identity management functions through a shared infrastructure. Unfortunately, existing implementations of shared infrastructures are complex and proprietary due to the lack of a consistent enterprise-wide delegation model.
Specifically, enterprises are typically subdivided into smaller groups. Usually, each of these groups has its own IT infrastructure. Typically, applications (or components) are installed (or deployed) in a group by a local administrator. Note that in order to install an application, different local administrators typically require different privilege levels in the shared infrastructure. Moreover, during run-time, different applications also typically require different privilege levels to access the shared infrastructure.
This creates two problems. First, the administrators of the shared infrastructure must trust the application installers enough to grant them high privilege levels to install applications. In a large enterprise, this may lead to a large number of installers who have high privilege levels, which is undesirable for obvious security reasons. Consequently, this makes it very difficult to delegate deployment responsibility in a secure manner. Second, granting high privilege levels to applications is also undesirable, because a high privilege level can allow a malfunctioning application to corrupt shared data or expose information that should not be accessible to other applications.
Hence, what is needed is a method and apparatus to securely delegate privileges, thereby enabling secure deployment and management of applications in a distributed-computing infrastructure without the problems described above.